Bug Description

[Impact]
The version of percona-xtradb-cluster-5.6 in xenial and later is out of date, with known security vulnerabilities; users of this package are at risk of compromise.

[Test Case]
To verify that the upgrade to the newer versions is OK, a three-unit pxc cluster will be deployed with sample data, upgraded to the new version, and the data re-verified.
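Helpers for the re-verification step, added here as an example rather than taken from the bug report or from Percona's tooling. They assume the operator dumps, from every unit before and after the package upgrade, the wsrep status variables and a CHECKSUM TABLE of the sample tables (the table names app.orders and app.users are placeholders), and then runs these checks over the dumps: every unit must be Synced in a Primary component of three, all units must share one cluster state UUID, and the checksums must be unchanged.

```shell
#!/bin/sh
# Added example for the [Test Case]; not part of the bug report or of PXC.
# Assumed inputs, produced on each unit before and after the upgrade:
#   mysql -N -e "SHOW GLOBAL STATUS LIKE 'wsrep_%'"    > nodeN.status
#   mysql -N -e "CHECKSUM TABLE app.orders, app.users" > nodeN.pre.checksum
# -N drops the column names, so each line is "name<TAB>value".

# Print the value of one wsrep status variable from a dump.
wsrep_value() {
    awk -F'\t' -v k="$2" '$1 == k { print $2 }' "$1"
}

# pxc_node_healthy STATUSFILE EXPECTED_SIZE
# 0 if the unit is in a Primary component of EXPECTED_SIZE members, has
# finished state transfer (Synced) and accepts queries; 1 otherwise, with
# the first failing check printed so the operator knows where to look.
pxc_node_healthy() {
    f="$1"; want="$2"
    [ "$(wsrep_value "$f" wsrep_cluster_status)" = "Primary" ] \
        || { echo "$f: not in Primary component"; return 1; }
    [ "$(wsrep_value "$f" wsrep_cluster_size)" = "$want" ] \
        || { echo "$f: cluster size $(wsrep_value "$f" wsrep_cluster_size), expected $want"; return 1; }
    [ "$(wsrep_value "$f" wsrep_local_state_comment)" = "Synced" ] \
        || { echo "$f: state is '$(wsrep_value "$f" wsrep_local_state_comment)', not Synced"; return 1; }
    [ "$(wsrep_value "$f" wsrep_ready)" = "ON" ] \
        || { echo "$f: wsrep_ready is not ON"; return 1; }
    return 0
}

# pxc_same_cluster STATUSFILE...
# 0 if every dump reports the same wsrep_cluster_state_uuid, i.e. the units
# rejoined one cluster after their restarts rather than forming a split.
pxc_same_cluster() {
    ref=""
    for s in "$@"; do
        u="$(wsrep_value "$s" wsrep_cluster_state_uuid)"
        [ -n "$u" ] || return 1
        [ -n "$ref" ] || ref="$u"
        [ "$u" = "$ref" ] || return 1
    done
    return 0
}

# pxc_checksums_match PRE POST
# 0 only if both CHECKSUM TABLE dumps are non-empty and list the same tables
# with identical checksums (order-insensitive).
pxc_checksums_match() {
    [ -s "$1" ] && [ -s "$2" ] && [ "$(sort "$1")" = "$(sort "$2")" ]
}

# Constructed sample dumps standing in for real mysql output.
tmp="$(mktemp -d)"
uuid='3a1f0c2e-0000-11e7-8c1b-000000000001'   # made-up cluster state UUID
for n in 1 2 3; do
    printf 'wsrep_cluster_state_uuid\t%s\nwsrep_cluster_status\tPrimary\nwsrep_cluster_size\t3\nwsrep_local_state_comment\tSynced\nwsrep_ready\tON\n' \
        "$uuid" > "$tmp/node$n.status"
done
# A unit still receiving SST after its mysqld restart: must be rejected.
printf 'wsrep_cluster_state_uuid\t%s\nwsrep_cluster_status\tPrimary\nwsrep_cluster_size\t3\nwsrep_local_state_comment\tJoining: receiving State Transfer\nwsrep_ready\tOFF\n' \
    "$uuid" > "$tmp/joining.status"
printf 'app.orders\t2184379245\napp.users\t3965412798\n' > "$tmp/pre.checksum"
cp "$tmp/pre.checksum" "$tmp/post.checksum"
printf 'app.orders\t2184379245\napp.users\t1\n' > "$tmp/post-bad.checksum"

for n in 1 2 3; do pxc_node_healthy "$tmp/node$n.status" 3 && echo "node$n healthy"; done
pxc_node_healthy "$tmp/joining.status" 3 || echo "joining unit correctly rejected"
pxc_same_cluster "$tmp"/node?.status && echo "all units share one cluster state UUID"
pxc_checksums_match "$tmp/pre.checksum" "$tmp/post.checksum" && echo "sample data verified"
pxc_checksums_match "$tmp/pre.checksum" "$tmp/post-bad.checksum" || echo "checksum drift detected"
rm -rf "$tmp"
```

Run the checks against each unit's dump after the whole cluster has been upgraded and again after each individual unit restart, since the report notes units drop out of the cluster only while their mysqld is down; a unit that stays in "Joining" or reports a different cluster state UUID is the regression signal to look for.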

[Regression Potential]
Medium; we're re-aligning all three packages with Percona's upstream repositories. However, this will require a version dependency bump in percona-xtrabackup (2.2.x -> 2.3.x); this should be fine, but this tool has potential use outside of percona-xtradb-server-5.6 (it's great for online backups of MySQL generally).

The test plan covers its use in PXC; however I would propose an extended bake period in -proposed with a call for testing on the ubuntu-server list prior to release to -updates.

[Original Bug Report]
The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.

I've tested upgrades from the current zesty versions (in a three unit cluster) to the new versions of pxc, xtrabackup and galera in the PPA from #4. This included a sample dataset export from one of the QA OpenStack clouds that we run; package upgrade was clean, with units only dropping from the cluster when the mysqld was down during the package upgrade - mix of old and new versions appeared to be OK during the upgrade process.

Also performed the same testing for xenial based on packages in the PPA (same target versions as for zesty).

Could you confirm what the percona policy is on behavioural changes within a pxc series between point release updates? I think we understand what happens in the Oracle sourced base MySQL, but have less understanding of what happens in the Percona overlays in percona-server and percona-xtradb-cluster.

<georgelorch> jamespage, well, as you already know, PXC is based on PS, which is based on MySQL, so PXC inherits all changes that occur along the chain. We do not have a stone-cut policy on small feature improvements within a minor series, but generally anything significant must go into the next major series release. So no, minor updates are not limited to bugs only. New features and improvements might come in as well. Anything that might be a major difference, like file format changes, deprecation or changing of option behaviors, etc., must only go into new major series releases.

<jamespage> georgelorch: right, that's what I guessed but wanted to make sure - that's reflected in what the release notes for 5.6 say

<georgelorch> Honestly I have never seen those guidelines documented anywhere, but that is what we have lived by for my 5 years or so here at Percona. Release notes though are detailed and accurate, at no time will we ever try to 'sneak something through' by not documenting, if it happens, it is a mistake and not intentional.

<rbasak> georgelorch: thanks. So for the feature changes, are there any changes that may change behaviour to users in a way that the user doesn't want?

georgelorch: for example, 5.6.34-26.19 deprecated some options. Is that going to cause users any grief if they want to continue using them? Or for example does the change to wsrep_desync_count affect any behaviour from users' perspectives in a way they may not want?

<georgelorch> rbasak, what do you mean, on minor/point update, the general rule is that users should never even know that an update happened unless absolutely unavoidable to say fix some security issue.
that one I can not answer, I do not work on PXC so really have no idea what it does.
generally though deprecating an option mid series means the option should still be there, just not responsive in the same way and will go away next major release. Some of that is us, some we inherit from our upstreams.

<rbasak> Thanks. "users should never even know..." is what I was looking for :)

<georgelorch> +1

<jamespage> georgelorch: thank you for clarifying that!

<georgelorch> there are always exceptions, but that is the rule that we go by

As the primary driver for the stable updates is to resolve the outstanding CVEs since 5.6.21 (which is not an inconsiderable list), it's been suggested that this be handled as a security update via the security team.

mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.6.34-79.1-79.1 Percona XtraDB Cluster (GPL), Release 5.6.34-26.19.4c779b7, wsrep_26.19

The verification of the Stable Release Update for percona-xtradb-cluster-5.6 has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.